How elite hackers (almost) stole the NASDAQ

  • 17 July 2014
  • 1 reply
  • 3 views

Userlevel 7
Badge +54

Elite hackers used two zero-day exploits to penetrate world's #2 stock market.

by Dan Goodin - July 17 2014
 


 
In 2010, elite hackers, most likely from Russia, used at least two zero-day vulnerabilities to penetrate the computer network operated by Nasdaq Stock Market, a hack that allowed them to roam unmolested for months and plant destructive malware designed to cause disruptions, according to a media report published Thursday.
The intrusion initially caught the attention of officials inside the National Security Agency, the Central Intelligence Agency, and departments of Defense, Treasury, and Homeland Security for two reasons, Bloomberg Businessweek journalist Michael Riley reported in an article headlined How Russian Hackers Stole the Nasdaq. One, it appeared to be the work of hackers sponsored by Russia or another powerful nation-state. Two, far from the typical espionage campaigns that merely siphon out secret data, the malware involved in the attack contained what early on appeared to be a digital bomb that could cause serious damage.
 
Full Article

1 reply

Userlevel 7
By Iain Thomson, 17 Jul 2014
 
NASDAQ servers were infected by malware that exploited two mystery zero-day vulnerabilities, according to a magazine cover story published today.
Despite spending a ton of money on computer security, the stock exchange was wide open to attack, we're told. Today's report pulls back the curtain back to reveal a little more about the attack on NASDAQ software first reported in February 2011.
 In 2010 the FBI noticed odd network traffic coming out of NASDAQ's systems that indicated a malware infection. The feds alerted the exchange, which knew about a compromise but had neglected to tell anyone about it. A five-month investigation by the FBI, NSA, CIA and US Treasury Department ensued.
 
The Register/ Full Read Here/ http://www.theregister.co.uk/2014/07/17/nasdaq_hack_report/

Reply